Following the mortgage industry and Land Registry decisions to dematerialise title deeds to properties in the early 2000’s, there has been a huge rise in property related fraud. The idea behind the decision was to save money on production and storage costs, as well as time producing documents. No longer are owners required to produce an actual Land or Charge Certificate, which were only issued by the Land Registry. Instead, all that is required is a copy of the Registry’s electronic copy of the title.
In addition, the increased use of email and other technology has also given fraudsters even greater opportunities to attack property transactions. As a result, we and our clients face the risk of property fraud and cyber security threats. Despite having increasingly robust IT security systems in place, no-one is safe from the threat. We have to remain vigilant at all times and so must our clients.
The most common cybercrime in the legal sector in 2016 was email hacking of conveyancing transactions. This resulted in £7m of losses reported in the last year. The majority of the crimes reported to the Solicitors Regulation Authority are what have been termed ‘Friday Afternoon’ frauds. These usually take place on a Friday, as it is traditionally a busy completion day for conveyancing solicitors. The fraudsters rely on the fact that large sums of money are being transferred between clients and their solicitors on completion days and take the opportunity to hack emails and modify account details to divert funds from the intended destination. The fraud is often not discovered until after the weekend, giving the criminals plenty of time to move the funds on and make them untraceable.
So how can we and our clients ensure that we best protect ourselves from the risks faced?
We make sure that we know who our client is. It can be frustrating having banks, estate agents and solicitors asking to see you with your passport and a utility bill, but we are all ensuring that the person that we are dealing with is who they say they are.
We check the credentials of the firm acting for the other party by checking with the Solicitors Regulation Authority or the Council of Licensed Conveyancers. We also have the ability to cross check their client account details via a 3rd party verifier.
We provide our clients with our bank details in our initial letter and add that we would never notify them of a change in an email. Our emails also include this warning in the footer.
We treat unexpected emails and attachments with caution and recommend that our clients do the same. If in doubt, call us to make sure that the email/document has been sent by us. Also check who the sender is and the actual e-mail address. Do you normally receive emails from that person and is the address correct?
Do not worry about calling us to confirm bank details – we will do the same. It’s an old saying, but it’s better to be safe than sorry.
You can take steps yourselves to protect your property from being fraudulently sold or mortgaged. Particularly if the property is mortgage free, rented or not occupied by you permanently. The Land Registry has some useful advice that can be found at www.gov.uk/propertyfraud and you can sign up to their free Property Alert service at www.gov.uk/property-alert.
Keep your anti-virus software up to date and lock home Wi-Fi networks. Criminals have also been known to monitor online activity (including social media posts announcing imminent house moves) so they know when to pounce with a hacked email.
And finally: Treat your passwords like your toothbrush! Change them regularly; don’t leave them lying around; and don’t loan or share them with anybody.